Every domain you connect inside Mewayz gets a certificate provisioned and renewed automatically — no certbot, no expiry reminders, no manual renewal window. The module also enforces security headers, HSTS, and content policies across all public-facing surfaces, so you ship a hardened site without a separate WAF subscription or a DevOps pass after every deploy.
No add-on tiers, no feature gates — this is what the module ships with, included in every plan.
Certificates are issued the moment a domain resolves to the platform and renewed before expiry — no manual Let's Encrypt renewal or cron job required.
HTTP-to-HTTPS redirects and HSTS headers are enforced at the platform level across every surface — website, portals, booking pages — without per-site configuration.
Content-Security-Policy, X-Frame-Options, X-Content-Type-Options, and Referrer-Policy are applied to all responses by default, with UI controls to customise per surface if needed.
The platform polls certificate validity and flags expiry risks in the admin dashboard. You see which domains are covered and which are pending — no surprise browser warnings for your clients.
Every custom domain in the Custom Domains module — including client workspace domains on Agency tier — is covered under the same SSL management. No per-certificate billing.
SSL management is not an add-on or an enterprise feature. Every plan includes certificate provisioning and renewal for every domain you connect.
Let's Encrypt is free but manual — certbot, cron jobs, renewal windows, and nothing that knows about your headers or your client domains. SSL & Security automates all of it inside the platform.
Start free with VCard & Link-in-Bio. Turn on SSL & security and the rest of the catalog from one flat plan — no per-seat fee, ever.